Article Description

From the author of

Jeff
Doyle, author of the networking bible
Routing TCP/IP, Volume I and
II, is an authority on IP routing
protocols, MPLS, and IPv6. As owner of IP network consulting firm Jeff Doyle and
Associates, Jeff has traveled the world designing large-scale IP service
provider networks throughout North America, Europe, Japan, Korea, Singapore, and
the People's Republic of China. Jeff has held senior networking positions at
Juniper Networks and International Network Services, and recently
joined Synergy Research as a vice president of research, focusing on IP
infrastructure and Metro/carrier Ethernet. I spoke with Jeff about his thoughts
on the near depletion of IPv4 addresses, how far along businesses are in moving
toward total IPv6 deployment, and how the U.S. stacks up against other countries
in its support for IPv6.

At what stage in
the process are service providers and enterprises with their IPv6
deployments?

There's a
certain amount of panic now, especially among service providers. For
enterprises, there's not a lot of interest unless they're very large
enterprises. For service providers, such as the one I'm working with
now—and another Tier 1 provider with which we're wrapping up another
project—they're still in the experimental phase. It's not as if next week
you can call up your service provider and say, "I want IPv6 in my home." We're a
long way from there. Large communications projects among large defense
contractors will mostly be IPv6-enabled.

What have been
the drivers to IPv6?

Here in the
U.S., the government is driving IPv6 implementation, as agencies require IPv6
for everything they contract. The other driver is simply service providers
looking at IPv4 depletion and realizing that it's a year or two
away.

How far along is
the U.S. government in deploying IPv6, and what are the lessons
learned?

There are so
many agencies in government, and each one has its own network and its own
challenges, so it's difficult to speak about government deployment in that broad
sense. But the lesson learned by the agencies is that it's a lot more complex
than a lot of people expect, especially around the edges. When you think of
IPv6, you think of turning on IPv6 on all interfaces, but it doesn't make much
sense to enable IPv6 if you can't manage or secure it. Those considerations
don't get looked at.

Whose
responsibility is that? The management and security vendors?

Vendors focus
their engineering resources to where they get demand from customers. So it's up
to the user to go to their vendor and ask for a roadmap so they can decide
whether to continue to buy the vendor's product or go somewhere else. We're
seeing more and more service providers ask vendors, but IPv6 is still vaporware
from a lot of vendors. At the core network, most router vendors support IPv6
very solidly, and network management is starting to get there. Security is
getting a bit better, but it's still a problem; it's hard to find products to
secure IPv6 networks. Most network operations people want to manage and secure
their IPv6 network the same way as they do for IPv4. A lot of vendors will offer
a roadmap rather than be able to give demonstrable proof that they support IPv6.
So compliance and interoperability testing in the lab is an essential part of an
IPv6 deployment.

When I begin a
dialogue with customers about IPv6 compliance, one of things I tell them is that
they can't just create one checkbox for compliance, because that lets vendors
get away with a lot. You have to be very specific as to what you mean by
"compliant." What do you need them to support? What kind of interoperability do
you need them to support?

Why have vendors
taken so long?

Customers have
only recently begun asking vendors when their products are going to be
IPv6-compliant. The process to compliance takes at least a year, so if just in
the last six months customers have begun asking their vendor, it will still be
another six months before the product is available.

So what's going
to happen when IPv4 addresses are depleted? Is the Internet going to
stop?

No! [Laughs.]
IPv6 advocates emphasize that when the last IPv4 addresses are given out,
nothing is going to stop working. But things will stop growing, because once the
last address is given out, anything that needs a new public IP address can't be
built without doing something like NATing. There is a lot of discussion about
carrier-grade NAT [Network Address
Translation]. NAT was
created as a stopgap. It allows you to use a large number of private IP
addresses behind a device. All the private addresses will share one or a few
public IP addresses. Ninety percent or more of public organizations use NAT. It
doesn't work well in the service provider scale when you're talking about
hundreds of thousands of users, so that's why carriers are talking about
carrier-grade NAT.

I think the
right people in the U.S. are seeing the need to go to IPv6 and are making the
right moves. There are interesting similarities to the Y2K problem. Y2K was all
gloom and doom, with people predicting that systems would collapse, but nothing
happened. The clocked ticked over to 2000 and almost everything worked. The
reason was not because it was a fake issue; it was that everyone who understood
that their business could be threatened by a Y2K bug spent the money to ensure
that nothing would collapse. I think to some degree the same is happening with
IPv6 - the people whose business depends on it are doing the right things now.
The real challenge is that most end users don't know what IP is. All they know
is they want their applications and services to work correctly. That's the
challenge—to make sure that as we move to IPv6 users won't even
notice.

How far along
toward IPv6 deployment are the service providers that you're working
with?

Different
service providers are in different phases and are taking different approaches,
depending on their culture and plans. It's all directed toward eventual public
deployment of IPv6, but most of them now are still in private testing. Some have
rolled out IPv6 access on a limited basis to select customers. Others are
offering IPv6 to any customer who asks for it. But deployment is not widescale
at any service provider, not even NTT [of Japan], which has the premiere IPv6
deployment in the world. Its entire network core is IPv6-capable, but even there
you still have to request IPv6 connectivity; it's not something you get
automatically.

Has NTT received
many requests for IPv6 services?

There are a lot
of activities going on in Japan, and NTT is doing a lot of trial projects
delivering services to the home over IPv6, such as video services.

What have been
the challenges for service providers as they plan for IPv6
deployment?

One of the big
challenges for network operations people at service providers is going to the
C-level executives, particularly the CFO [chief financial officer], and saying,
"We need to spend millions of dollars to upgrade to support IPv6." The CFO will
come back and say, "Why do we need to spend this when competition is tight, and
how do we make money with this?" The CTO [chief technology officer] will say,
"We can't make money." The CFO will then say, "Who are the customers for this?"
and the CTO answers, "Well, there aren't any." The CTO understands that IPv6 is
not a matter of becoming a profit center; it's basically an infrastructure
upgrade. But it's hard to make the case to people who are funding the business
that they have to spend a whole lot of money for something that they don't see a
whole lot of direct customers for right now.

You travel the
world extensively to countries such as China and India to consult with national
service providers. China has embarked on China's Next
Generation Internet, a
five-year plan for early adoption of IPv6. Should the U.S. view China as a
threat?

Sometimes China
can be viewed as a threat, when you look at China as a commercial competitor.
But for China, the issue is that it's going through enormous growth, and now
more and more people are moving to the middle class and they're buying services
and entertainment that's provided by IP. The other thing is that China is
looking to IPv6 as an opportunity to show some leadership. It has seen the U.S.
(until recent years) asleep at wheel on IPv6. And it has seen Japan make
competitive moves, so China sees an opportunity to position itself as
technologically advanced by deploying IPv6. That's why you see China showcasing
IPv6 in places like the 2008
Olympics.

Here's an
anecdote: I was being interviewed by a reporter in China and we were talking
about why China is deploying IPv6 because of its population growth. I jokingly
said, "Of course, a large percentage of the population is still farmers or
people in rural areas who don't need Internet connectivity." The reporter said
not everyone may have a computer, but they bet everyone has a cell phone. That's
a good point. One of the ways people access the Web is via cell phone. In China,
universities may have dorm rooms with just one Internet connection, so it's very
common for university kids to use their cell phones to get on the
Internet.

If you look at
developing countries (for example, in Africa), the main source of Internet
access is through mobile phones, so that's going to be a huge driver because
each one of these devices needs an IP address.

How far is India
in IPv6 deployment?

India has a lot
of parallels with China. It has a big population with a developing economy that
is creating a growing middle class. What that represents is the same kind of
demand for IP-based services as in China. While India is not as far along as
China economically, its IPv6 challenges are going to be the same./>

There's not
going to be the same level of interest in IPv6 [in India] as in China, but you
will see strong IPv6 interest in five years, as India has no
choice.

Which country's
philosophy do you admire the most?

Japan's, because
it was visionary. It saw the challenges early enough. Japan was talking
seriously about IPv6 when others around the world were questioning whether we
would really need IPv6. Japan started doing something about it in the late
1990s. I also have a lot of admiration for what's going on in China, which is
being very practical about IPv6 deployment and addressing the problem in a clear
and logical fashion.

When you visit
service providers in different countries, are they curious about what's going on
elsewhere?

It's usually one
of the first questions I'm asked. In my business, I capitalize on that; it's my
competitive differentiator. I've visited so many countries, and for years,
wherever I am in the world, one of the first questions from service providers
is, "What's everybody else doing?" Service providers are very conservative
companies. Everyone wants to present themselves as cutting-edge, and there are
cool things coming out of service providers, but competition is intense and the
margins are so small that by necessity service providers don't want to do
anything that's too different from what everyone else is doing. If they make the
wrong decision, it could be fatal.

Final question:
In your
Network
World blog, you've asked
readers for their thoughts
on what they'd like to see in a potential Volume III of the
Routing
TCP/IP series. What was
the feedback, and when can we expect such a volume?

I would love to
do a Volume III. One of the big areas of feedback was for an updated book on
switching. While I don't disagree with this, the series is about routing
TCP/IP—switching is Layer 2, while routing is Layer 3, so I don't see
switching as a right fit. What I would love is a book on MPLS, but my Cisco
Press editors say that the market is saturated with MPLS books. I still think I
could do one with a perspective that's different, but until I can sell Cisco
Press on that—and find the time to work on it—it's still just an
idea that's out there. Another big suggestion is something that gets away from
basic technology and goes into a broader view of network design. That could fit
very well into Cisco's new CCDE [Cisco Certified
Design Expert]. A design
book could be a good way to go.

Linda Leung is an independent
writer and editor in California. Reach her at leungllh@gmail.com.